Hello Devid, or anyone else affected, Accepted gui-ufw into vivid-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/gui- ufw/15.04.4-0ubuntu0.1 in a few hours, and then in the -proposed repository.
Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance! ** Description changed: - Please upgrade gui-ufw to 15.04.4 in vivid,. + [Impact] + Please upgrade gui-ufw to 15.04.4 (bugfix only release) in vivid. + + [Test Case] + Please ensure various bugs are fixed in new version. Shell injection, and profiles with english language. + + [Regression Potential] + This is a bugfix only release. And addresses specific issues. + + -- CHANGELOG: - + 15.04.4 - - Fix: Migrate commands to subprocess > Fixing shell injection (LP: #1412554) - - Fix: Allow import profile with English language (LP: #1416631) - - Removed executable flag in config files (mask 600, not 700) - - Updated translations - + 15.04.3 - - Properly fix: Shell Command Injection (LP: #1410839) - + 15.04.2 - - Fix: Shell Injection in the IP & Ports values. - + 15.04.1 - - Fix: Shell Command Injection (LP: #1410839) - - Fix: Not allow one interface over the same interface (LP: #1402220) - - Fix: Not allow Both Protocol with a range of ports (LP: #1402232) - - Updated languages + + 15.04.4 + - Fix: Migrate commands to subprocess > Fixing shell injection (LP: #1412554) + - Fix: Allow import profile with English language (LP: #1416631) + - Removed executable flag in config files (mask 600, not 700) + - Updated translations + + 15.04.3 + - Properly fix: Shell Command Injection (LP: #1410839) + + 15.04.2 + - Fix: Shell Injection in the IP & Ports values. + + 15.04.1 + - Fix: Shell Command Injection (LP: #1410839) + - Fix: Not allow one interface over the same interface (LP: #1402220) + - Fix: Not allow Both Protocol with a range of ports (LP: #1402232) + - Updated languages EXPLANATION OF NEW UPSTREAM RELEASE (and -proposed): As you can see in the changelog, this new upstream release is mostly a bug fixes release (some of them are important), other changes are only translations updates. I uploaded a copy of this package to my PPA (gui-ufw 15.04.4-0ubuntu0.1~devfil2) to prove that it actually builds. Upstream (Marcos) is very active in our community and followed and fixed all bugs in an amazing way asking for tests and so on. This package should have been already uploaded before release, upstream wrote me several email, but I missed them, sorry Marcos and sorry community, my fault. @Marcos, can I please ask you to provide security issues patches (one for issue, keep them minimal only needed changes) for 14.10, 14.04 and 12.04 (if affected) so I can create packages and get them uploaded through security team? Thank you. ** Changed in: gui-ufw (Ubuntu Vivid) Status: Incomplete => Fix Committed ** Tags added: verification-needed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1462092 Title: [SRU] Please upgrade gui-ufw to 15.04.4 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gui-ufw/+bug/1462092/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
